Security release: symfony 1.4.20 released

Uli Hecht contacted us a couple of days ago about a security issue in symfony
1.4. The vulnerability allows reading any file stored on the server if it is
readable by the web server. Your application is vulnerable if there is a form
that contains a file upload field and the uploaded file is stored under a
web-accessible area (somewhere under the web root directory).

If you are vulnerable, we highly recommend you to upgrade as soon as
possible, and if it is not possible, please apply the following patch:

#5: I confirm that! I've just wasted a whole day on Xdebugging only to find that all those fatal errors I had were caused by the Swiftmailer update. Symfony 1.4.20 is NOT backward compatible if you use Swiftmailer in a certain way. If you had enqueued bunch of emails using previous version (in my case: 1.4.18) and you try to send them using the new one, lot of problems come up and all of them are related to unserialization and to the recently added Swift_Mime_Grammar class.
My problem is even worse now, because a production server had been using 1.4.20 for some time and my email queue consists of mixed .18- and .20-enqueued emails, so both code revisions give fatals on send attempts :(